How to Harden iptables on Your Ubuntu/Debian Server

Today I’ll post a simple iptables configuration to harden a server's connections. Before applying any of these changes, remember that if your server provides X services, this configuration will restrict the server to 2 open ports:

22 (SSH) and 80 (HTTP)

All remaining ports will be closed, so be careful, and if you need to open more ports just repeat step 1.

0. Open a Unix console / SSH console

1. Check your iptables version

$ sudo iptables -V

2. Allow ports (22 & 80). If you need to open more ports, this is the way

We see that the default policy is to accept everything => Chain INPUT (policy ACCEPT).

We want to block all traffic that does not have prior authorization, so we will add the instruction to block all other ports

3. Before blocking, we are going to add this instruction

Then comes a problem: when a connection is made from our server to another server, e.g. kernel.org, to download a new kernel (just an example), it will connect to the website and wait for its response. The connection request will go out fine, but … the returning connection will fail
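
The steps above combined into one ruleset, as an added example that is not the original post's own commands: the hypothetical helper `build_ruleset` prints an `iptables-restore` file that accepts return traffic for connections the server opened, allows ports 22 and 80, and drops everything else. Loading it with `iptables-restore` applies all rules in a single commit, so the SSH session is never left behind a half-built rule set. The loopback rule and the FORWARD policy are additions the post does not mention.

```shell
#!/bin/sh
# Added example, not the post's own commands. build_ruleset is a hypothetical
# helper that prints an iptables-restore ruleset allowing only the given TCP ports.
build_ruleset() {
    for port in "$@"; do
        # Accept only 1-5 digit numbers, then range-check them.
        case "$port" in
            ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "invalid port: $port" >&2; return 1
        fi
    done
    echo '*filter'
    # Default policy: drop inbound packets, allow outbound.
    # FORWARD DROP is an addition for a host that does not route traffic.
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Loopback traffic (an addition; the post does not mention it).
    echo '-A INPUT -i lo -j ACCEPT'
    # Replies to connections the server itself opened, e.g. a download.
    # Without this rule the return packets hit the DROP policy.
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # One rule per allowed port, matching new inbound connections.
    for port in "$@"; do
        echo "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo 'COMMIT'
}

# Print the ruleset for the two ports the post keeps open.
build_ruleset 22 80

# To apply as root, assuming the output was saved to ./rules.v4 (hypothetical path):
#   iptables-restore --test < ./rules.v4 && iptables-restore < ./rules.v4
```

`iptables-restore` replaces the rules already in the filter table unless `--noflush` is given. These rules cover IPv4 only; IPv6 is filtered separately with `ip6tables`.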